The New York Attorney General's Office reached an agreement with Refuah Health Center to invest USD1.2 million in cybersecurity measures after allegedly failing to protect patient data from a ransomware attack. The company must pay USD450,000 in penalties and take steps such as upkeep an information security program, require multifactor authentication to remotely access data and conduct audits to ensure limited user access.
10 Jan. 2024
Health care provider agrees to invest in cybersecurity protections
RELATED STORIES
Privacy in Arkansas: Is Arkansas ready for a consumer privacy law?
A view from DC: CFPB calls for states to regulate financial privacy
Notes from the IAPP Canada: OPC's WADA investigation 'raises some interesting issues'
A view from Brussels: European Commission's new tech policy center of gravity
First fine imposed under Thailand's Personal Data Protection Act
